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DETAILED ACTION 
Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

1 . Claims 20-28 and 30-31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Huff et al. (U.S. Patent Number 6,408,391 B1 ) in view of Monroe 
(U.S. Patent Number 6,392,692 B1). 

Regarding claim 20, Huff discloses in a mobile platform (see column 13 lines 37-62 and 
FIGURE 5), which can be an aircraft (see column 5 line 54-67), a security system for 
monitoring an onboard communication system communicating over a wireless link, 
which reads on claimed "intermittent link," (see column 5 lines 19-20, lines 59-64 and 
column 61-65), the security system comprising: 

• an onboard network (100, 700,732) accessible to a plurality of users, wherein the 
users are taught by Huff et al. to be internal and external users. See column 3 
lines 2-9; 

• a security server (114, 500, 600) onboard the mobile platform, which reads on 
claimed "intrusion detection system," connected to the onboard network (100, 
700,732); and See FIGURE 1 column 5 lines 33-53 and FIGURE 5 column 13 
lines 44-62; 
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• an Response Engine Module (272), which reads on claimed "onboard security 
management system," which resides in the said security server (114), 
responsive to the said server (114) for initiating an action to stop intrusion 
based on a set of object, which collectively called agents or missions), 
which reads on claimed "policies." See column 9 lines 6-17. Further, the 
action is directed to one of the said plurality of users, which reads on 
claim, "and such that the action is directed to one or more selected user 
access points," on the said onboard network (100). See column 11 lines 32- 
38; and 

• said Response Engine Module (272) further adapted to update the policies 
during the time the intermittent link (wireless link) has connection. See column 8 
lines 59-63. 

• disclose wherein the Response Engine Module (272) maintains an 
indicator, which reads on claim "status indicator," of a current operational 
state of each one of a plurality of network user access points of the 
onboard network. See column 12 lines 2-24. 

However, Huff does not explicitly state wherein the said security system communicates 
with a terrestrial-based system. 

Monroe teaches, as referenced by FIGURE 6 of a safety and surveillance 
equipment (transport installed system), residing on the said commercial vehicles, which 
reads on claimed "mobile network platform", the said transport installed system being 
interconnected via a link to the ground station or personal security unit, as disclosed in 
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column 2 lines 46-48, 56-61, which reads on claimed "terrestrial-based network security 
management system." 

Therefore, at the time of the invention it would have been obvious to a person of 
ordinary skilled in the art to modify Huff et al. in view of Monroe in order to provide a 
security monitoring system capable of being implemented on a mobile platform used to 
monitor and transmit intrusion information back to a terrestrial-based system. 

Regarding claim 21, as the combination of Huff et al. and Monroe are made, the 
combination according to claim 20, Huff continues to disclose wherein initiating the 
action to stop intrusion comprises sending an alert, which reads on claimed "warning," 
message to the user. See column 12 lines 2-8. 

Regarding claims 22 and 31, as the combination of Huff et al. and Monroe are made, 
the combination according to claims 20 and 28, Huff continues to disclose wherein 
initiating the action to stop intrusion comprises disconnecting the user's access to the 
onboard network. See column 11 lines 38-45. 

Regarding claims 23,30 and 36, as the combination of Huff et al. and Monroe are 
made, the combination according to claims 20, 28 and 34, Huff continues to disclose 
wherein the said Response Engine Module (272), further operates to provide an alert 
message when an intrusion event is detected. See column 1 1 lines 45-51 . 
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However, Huff fails to expressly teach of sending the message to a terrestrial- 
based system. 

Monroe teaches in column 12 lines 41-52 where information is sent from the 
aircraft to the ground base surveillance system. 

Therefore, at the time of the invention it would have been obvious to a person of 
ordinary skilled in the art to modify Huff et al. in view of Monroe in order to provide a 
security monitoring system capable of being implemented on a mobile platform used to 
monitor and transmit intrusion information back to a terrestrial-based system. 

Regarding claims 24 and 37, as the combination of Huff et al. and Monroe are made, 
the combination according to claims 20 and 34, Huff continues to disclose wherein the 
Response Engine Module (272) further operates to install a network traffic blocking filter 
(firewall) on one of a plurality of user access points of the onboard network. See 
column 5 lines 36-53. 

Regarding claim 25, as the combination of Huff et al. and Monroe are made, the 
combination according to claim 20, Huff fails to clearly discloses wherein to stop 
intrusion is directed to a specific one of a plurality of user access points of the 
onboard network. 

Monroe continue to teach wherein the said comprehensive surveillance system is 
comprised wherein the said transport installed system includes a plurality of sensors, 
which reads on claimed "plurality of user access points", such that the said breach of 
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security is associated with one of the said plurality of sensors and the said response is 
directed to said one of the plurality of sensors, as disclosed in column 16 lines 28-36. 

Therefore, at the time of the invention it would have been obvious to a person of 
ordinary skilled in the art to modify Huff et al. in view of Monroe in order to provide a 
security monitoring system capable of being implemented on a mobile platform used to 
monitor and transmit intrusion information back to a terrestrial-based system. 

Regarding claims 26, as the combination of Huff et al. and Monroe are made, the 
combination according to claims 20, Huff continues to disclose wherein the indicator 
provides a current operational state of each one of a plurality of network user access 
points of the onboard network. See column 12 lines 2-24. 

Regarding claims 27, as the combination of Huff et al. and Monroe are made, the 
combination according to claims 26, Huff continues to disclose wherein the indicator 
indicates one of: 

• a defensive category, which reads on claimed "normal operational state." See 
column 11 lines 22-32; 

• a misdirection category, which reads on claimed "suspect operational state "," 
wherein an intrusion event is suspected. See column 1 1 lines 32-38, and 

• a offensive category, which reads on claimed "disconnect state," in which access 
by a user of a specific access point on the onboard network is prevented. See 
column 1 1 lines 38-45. 
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Regarding claim 28, Huff discloses in a mobile platform (see column 13 lines 37-62 and 
FIGURE 5), which can be an aircraft (see column 5 line 54-67), a security system for 
monitoring an onboard communication system communicating over a wireless link, 
which reads on claimed "intermittent link," (see column 5 lines 19-20, lines 59-64 and 
column 61-65), the security system comprising: 

• an onboard network (100) accessible to a plurality of users, wherein the users 
are taught by Huff et al. to be internal and external users. See column 3 lines 2- 
9; 

• a security server (114, 500, 600) onboard the mobile platform, which reads on 
claimed "intrusion detection system," connected to the onboard network (100, 
700,732); and See FIGURE 1 column 5 lines 33-53 and FIGURE 5 column 13 
lines 44-62; 

• an Response Engine Module (272), which reads on claimed "onboard security 
management system," which resides in the said security server (114), responsive 
to the said server (114) for initiating an action to stop intrusion based on a set of 
object, which collectively called agents or missions), which reads on claimed 
"policies." See column 9 lines 6-17; and 

• wherein, the action can be directed, disclosed by Huff et al. as a misdirection 
category, wherein an intrusion event is suspected. See column 1 1 lines 32-38, 

• the said Response Engine Module (272) maintains an indicator of a current 
operational state of each one of the plurality of network user access points of the 
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onboard network, wherein the indicator indicates whether at least one of the 
following conditions are present: 

o a defensive category, which reads on claimed "normal operational state." 

See column 1 1 lines 22-32; 
o a misdirection category, which reads on claimed "suspect operational 
state "," wherein an intrusion event is suspected. See column 1 1 lines 32- 
38, and 

o a offensive category, which reads on claimed "disconnect state," in which 
access by a user of a specific access point on the onboard network is 
prevented. See column 11 lines 38-45. 
However, Huff does not explicitly state wherein the said security system communicates 
with a terrestrial-based system. 

Monroe teaches, as referenced by FIGURE 6 of a safety and surveillance 
equipment (transport installed system), residing on the said commercial vehicles, which 
reads on claimed "mobile network platform", the said transport installed system being 
interconnected via a link to the ground station or personal security unit, as disclosed in 
column 2 lines 46-48, 56-61, which reads on claimed "terrestrial-based network security 
management system." 

Therefore, at the time of the invention it would have been obvious to a person of 
ordinary skilled in the art to modify Huff et al. in view of Monroe in order to provide a 
security monitoring system capable of being implemented on a mobile platform used to 
monitor and transmit intrusion information back to a terrestrial-based system. 
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Allowable Subject Matter 
Claim 34, and 36-38 are allowed. 

Response to Arguments 

Applicant's arguments with respect to claims 20-28 and 30-31 have been 
considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to RANDY PEACHES whose telephone number is (571) 
272-7914. The examiner can normally be reached on Monday - Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Charles Appiah can be reached on (571) 272-7904. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 

Patent Application Information Retrieval (PAIR) system. Status information for 

published applications may be obtained from either Private PAIR or Public PAIR. 

Status information for unpublished applications is available through Private PAIR only. 

For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

you have questions on access to the Private PAIR system, contact the Electronic 

Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 

USPTO Customer Service Representative or access to the automated information 

system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Randy Peaches/ 
Examiner, Art Unit 2617 



/Charles N. Appiah/ 

Supervisory Patent Examiner, Art Unit 2617 



